Skip to main content
The API Keys tab is where you can generate and label API keys to connect to the platform’s features programmatically. Use these keys to establish and maintain connections with other services. We recommend regularly reviewing your API keys and deleting any that are no longer needed to protect your project from unauthorized access.
API keys are project-specific and provide access to project resources. Keep them secure and rotate them regularly.

API Keys List

The API keys list displays all keys created for this project. Use the Search by name or key field to find a specific key. Each entry shows the following columns:

Key Types

When creating a new API key, you must select one of the following key types:

Create a New API Key

1

Open the Create API Key form

In the Settings → API Keys tab, select the Create API Key button.
2

Select a Key Type

Choose either Privileged Key or Locked-Down Viewer Key depending on the level of access required.
3

Name the key

Enter a descriptive name in the Key Name field that clearly identifies the key’s purpose.
4

Generate the key

Select the Generate button. The key will be created and appear in the API keys list.
Copy and securely store your API key immediately after generation. The full key value may not be shown again.

Delete an API Key

The Automator Key is a system key created automatically for every project and cannot be deleted. All other API keys you create can be deleted as needed.
  1. In the Settings → API Keys tab, select the Delete link for the key you want to remove.
  2. Confirm the deletion in the popup.
A success message will confirm the deletion and the key will no longer appear in the list.

Best Practices

  1. Use the right key type: Use Privileged Keys only for trusted, server-side integrations. Use Locked-Down Viewer Keys for public-facing or channel bot deployments.
  2. Clear naming: Use descriptive names that clearly indicate a key’s purpose and the integration it belongs to.
  3. Rotate regularly: Delete and regenerate keys periodically to reduce the risk of unauthorized access.